yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1037562] Re: Different secgroups can't be applied to different interfaces

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Cedric Brandily <1037562@xxxxxxxxxxxxxxxxxx>
Date: Tue, 29 Sep 2015 22:01:27 -0000
Reply-to: Bug 1037562 <1037562@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug concerns at most nova as neutron is able to handle secgroup per
port.

Moreover nova is able to boot a vm using existing neutron ports (with
specific secgroups) so this bug seems invalid fro nova also

** Changed in: neutron
       Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1037562

Title:
  Different secgroups can't be applied to different interfaces

Status in neutron:
  Invalid
Status in OpenStack Compute (nova):
  Confirmed

Bug description:
  With the coming of quantum it's quite reasonable to start an interface
  attached to multiple network segments with different purposes.  But
  there's only one security group for the whole machine, so I can't
  define different firewalling for the internal and external interfaces
  of a VM, for example.

  secgroups should apply to interfaces, not machines as a whole.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1037562/+subscriptions